Sweet Security has introduced a cloud detection engine that leverages a large language model to identify potential cloud security threats in real time, Security Boulevard reports.
The new capability also makes it easier to detect zero-day threats and certain otherwise undetectable malicious activities. The engine analyzes cloud variables with greater precision, thus reducing cloud detection noise to just 0.04% without the need to first define normal cloud behavior, said Sweet Security Chief Product Officer Eyal Fisher.
To further minimize alert fatigue, the engine categorizes each detected incident as "malicious," "suspicious," or "bad practice." Sweet Security also features a heat map that highlights danger zones within the cloud environment, helping organizations focus remediation efforts, and it identifies the team members responsible for each remediation task. Sweet Security’s approach challenges traditional rules-based security tools by using an LLM to correlate possible attack patterns with application data. This technique aims to minimize misconfigurations, which are often attributable to application developers with little cybersecurity expertise who have to provision cloud environments.